#505 — October 10, 2023
✍️ Due to being on the road attending the inaugural AI Engineer Summit, this week’s issue was meant to be shorter than usual.. but I’m not sure it’s actually turned out that way 😅 In any case, we’re back to full service next week!
__
Your editor, Peter Cooper
Payload 2.0: A Headless CMS Platform Built on Node — There’s much to like about Payload if you need a Node-based headless CMS, including a customizable React-based admin system, GraphQL or REST APIs, flexible auth and file upload systems, etc. Enough features to “feel more like an app framework akin to Laravel,” says James. v2.0 introduces Postgres support (it was exclusively using MongoDB before), Vite support, an all new rich text editor, and more. GitHub repo.
James Mikrut
A Web Server ‘Hello World’ Benchmark: Go vs Node vs Nim vs Bun — The standard disclaimer applies: benchmarks are difficult and don’t always measure what you should care about. Nonetheless, they remain of interest and here’s a quick example comparing the simplest of HTTP servers in with Go, Node, Bun and Nim.
Daniel Lemire
Feel the Power of More Than 420,000 Teammates and Work #LikeABosch — At Bosch, we shape the future with high-quality technologies and services to inspire people and improve their lives. And it’s our people who make us remarkable. Our success is your success. Let’s celebrate together. Learn more.
Bosch sponsor
Japa 3.0: Node.js Testing Perfection? Perhaps. — From the same creator as AdonisJS, Japa slides into your existing workflows and has no build tool requirements. Its author even makes the bold claim that “Japa is as close to perfection as it can get when it comes to testing in Node.js.”
Harminder Virk
📅 NodeConf EU 2023 is taking place next month (November 6-8) in Ireland.
⚙️ Stephen Röttger of the V8 team has blogged about efforts to enable control-flow integrity (CFI) in V8., essentially a way to reduce the ability of nefarious third parties to exploit V8’s control flow in order to trigger arbitrary shellcode.
🍞 Another week, another Bun release: Bun 1.0.4 gets more Node.js compatibility improvements and Bun.serve() now uses a lot less memory.
🔠 Phil Nash looks at some of the potential ‘dangers’ of regular expressions in JavaScript.
🚫 You can no longer use GITHUB_ENV to set NODE_OPTIONS in GitHub Actions workflows.
The Hidden Performance Cost of Node and GraphQL — “GraphQL’s modular structure generally leads to code that instantiates excessive promises, which degrades request performance.”
Utsav Shah
💡 Postgraphile provides another Node-related approach on this topic.
Termost: Another CLI App Framework — You don’t need a framework to create CLI apps with Node, but if you want things like options parsing, colorful output, and a help system out of the box, systems like Commander.js and oclif can be handy. Termost offers another option focused around a fluent/chainable API approach, first class TypeScript support, and a lighter touch.
Ayoub Adib
The Basics of Deploying and Testing AWS Step Functions with Node
Camilo Reyes
📰 Classifieds
🧑💻 Check out this walkthrough and demo of Temporal, the simple, scalable, open source way to write and run reliable cloud applications.
🐘 Learn how Epsio eliminates the constant struggle and costs of optimizing complex PostgreSQL queries by incrementally maintaining the results of your heaviest queries.
Tailwind Elements: 500+ Bootstrap Components Recreated with Tailwind — And, specifically for Node developers, there’s an Express integration.
Tailwind Elements
node-webrtc: Native Addon That Provides Bindings to WebRTC M94 — This project is aiming for spec compliance and will eventually be tested using the W3C’s web-platform-tests project. node-webrtc has been around a long time but this fork is notable for working with modern Node versions.
Wonder Inventions, Roberts, et al.
Visual Studio Code Extension Tester v5.10 — A framework for simulating user interactions with VS Code and its extensions via Selenium Webdriver. Clever idea.
Red Hat
🍀 MongoDB In-Memory Server 9.0 – A in-memory MongoDB instace for testing/mocking purposes.
oclif 4.0 – An open CLI framework for Node from Salesforce.
Poolifier 3.0 – Worker pools using worker_threads and cluster.
Mongoose 7.6 – Popular MongoDB object modeling library.
ArangoJS 8.5 – Driver for the ArangoDB graph database.
node-cron 3.1 – Execute functions on a schedule.
prom-client 15.0 – Prometheus client for Node.
🕰 ICYMI (Some older stuff that’s still worth checking out)
Victor Ikechukwu highlights the security implications of cross-origin resource sharing (CORS) in Node, along with some best practices.
QA engineer Luc Gagan shares how to identify and deal with flaky tests in Playwright.
Najia Gul looks at how we can avoid web cache poisoning attacks.
Here’s an overview of time-travel debugging and how it relates to debugging your production code execution.